Fix HandleVisitor instrumentation for jetty >= 11.16.0 (avoids logged error) #7100
Merged: manuel-alvarez-alvarez merged 2 commits into master from malvarez/waf-fix-blocking-jetty-11 on Jun 3, 2024
manuel-alvarez-alvarez added the "comp: asm waf" (Application Security Management (WAF)) label on May 30, 2024
manuel-alvarez-alvarez requested review from a team, smola, jandro996 and cataphract on May 30, 2024 16:17
smola changed the title from "Fix jetty HandleVisitor for jetty >= 11.16.0" to "Fix request blocking for jetty >= 11.16.0 (HandleVisitor)" on May 30, 2024
Benchmarks

Startup
Summary: Found 0 performance improvements and 0 performance regressions! Performance is the same for 49 metrics, 14 unstable metrics.
[Gantt charts omitted: startup time reports for insecure-bank and petclinic (global startup overhead and break down per module), candidate=1.35.0-SNAPSHOT~f9498381d8, baseline=1.35.0-SNAPSHOT~f6c5dd3681]
Load
Summary: Found 0 performance improvements and 1 performance regressions! Performance is the same for 10 metrics, 17 unstable metrics.
[Gantt charts omitted: request duration reports [CI 0.99] for petclinic and insecure-bank, candidate=1.35.0-SNAPSHOT~f9498381d8, baseline=1.35.0-SNAPSHOT~f6c5dd3681]
Dacapo
Summary: Found 0 performance improvements and 0 performance regressions! Performance is the same for 11 metrics, 1 unstable metrics.
[Gantt charts omitted: execution time [CI 0.99] for tomcat and biojava, candidate=1.35.0-SNAPSHOT~f9498381d8, baseline=1.35.0-SNAPSHOT~f6c5dd3681]
smola changed the title from "Fix request blocking for jetty >= 11.16.0 (HandleVisitor)" to "Fix HandleVisitor instrumentation for jetty >= 11.16.0 (avoids logged error)" on May 31, 2024
smola approved these changes on May 31, 2024
cataphract approved these changes on May 31, 2024
manuel-alvarez-alvarez force-pushed the malvarez/waf-fix-blocking-jetty-11 branch 3 times, most recently from 175eeac to f949838, on June 3, 2024 09:05
manuel-alvarez-alvarez force-pushed the malvarez/waf-fix-blocking-jetty-11 branch from f949838 to e29f846 on June 3, 2024 15:02
What Does This Do
Updates HandleVisitor, used to instrument HttpChannel for blocking purposes in jetty. After version 11.16.0 the original code slightly changed, causing a failure in the visitor and a warning message. Blocking was still working thanks to the instrumentation done in DispatchableInstrumentation; this just effectively removes the logger error and allows blocking the request earlier.

Motivation
The instrumentation done by HandleVisitor is required to provide blocking capabilities in jetty.

Additional Notes
jetty/jetty.project@9e16d81
Jira ticket: APPSEC-52394